I am honored to have received my official notification of being designated a US expert to IEC TC45/SC 45A/WG9 - Instrumentation and control of nuclear facilities. This is in addition to being a designated US expert to IEC TC 57 WG15 - Power systems management and associated information exchange, and...
The Myth of Rip and Replace in SCADA and Industrial Control Systems #cybersecurity #pauto #SCADA @tofino @digitalbond
Recently, Eugene Kaspersky made headlines about designing an operating system for industrial control systems. It doesn't seem to have gone anywhere, as you might expect.
In the IT environment, a denial-of-service is one of the worst-case scenarios. In this case, data can no longer move and the system comes to a stop. In the ICS environment, the worst-case scenario is loss of control (LOC) and/or loss of view (LOV).
NIST defines a cyber incident to be communications between systems (or people and systems) that affect confidentiality, integrity, or availability. The NIST definition does not require an incident to be malicious to be defined as a cyber incident.
Recently, ICS-CERT disclosed that in October 2012 a computer virus invaded a turbine control system at a US power plant when a technician "unknowingly" inserted an infected USB drive into the network, keeping the plant offline for three weeks.
Recently, several ICS end users in the Middle East and Asia have been exposed to attacks directly on the control systems through firewalls that have been misconfigured for Modbus and OPC data.
The November/December 2012 issue of ISA's Intech magazine has an article "Selecting temperature measurement and control systems". The article states: "Network connectivity ties everything together. The goal of any DAS (data acquisition system) is to deliver sensor data for reporting and analysis.
In the IT community, a worst-case scenario is denial-of-service. In the ICS community, a worst-case scenario is loss of control/loss of view. Enclosed are some recent cases of loss of control/loss of view with four different major ICS suppliers, each without a known cause.
The broken record - why do people who don't understand ICSs still continue to speak for ICS cyber security
Would anyone with a heart condition go to an orthopedist to check on their heart? An internist and orthopedist are both doctors, but they certainly have different specializations. The fact that someone understands IT security does not make them an ICS cyber security expert.
On December 14, SANS came out with the following headlines: All 3 "top of the news" stories this week illustrate an important security trend: Internet facing control systems are becoming much more prevalent allowing easy exploitation of disclosed vulnerabilities for disruption as well as back door access to other corporate systems...